File Disclosure Vulnerability in OpenView Configuration Management by Hewlett-Packard
CVE-2007-5413

Currently unrated

Key Information:

Vendor: HP
Status: Openview Configuration Management; Openview Client Configuraton Manager
Vendor: CVE Published:; 29 October 2007

Summary

The Radia Integration Server in HP's OpenView Configuration Management and Client Configuration Manager allows remote attackers to exploit vulnerabilities through crafted URLs. These URLs may contain tilde (~) references that lead to unauthorized access, enabling attackers to read arbitrary files from the server's file system, including sensitive user directories. This exposure can have significant implications for the confidentiality of data stored on affected systems.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/archive/1/483106/100/100/thr...

mailing-listx_refsource_BUGTRAQ

http://osvdb.org/39528

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Oct 29, 2007
Vulnerability Reserved
Oct 12, 2007